Details
-
Bug
-
Resolution: Fixed
-
Low
-
2.8.1
Description
Attempting a space export using the remote API as the anonymous user (that is, without logging in) does not work.
It will result in a NullPointerException in 2.8.1 and earlier, and an IllegalArgumentException in 2.8.2 and after.
This can be fixed by removing the IllegalArgumentException thrown by com.atlassian.confluence.security.DownloadGateKeeper#addKey when the user is null. Since we represent the anonymous user with null, I see no reason why addKey should not accept it. The existing situation results in multiple replications of the same logic throughout Confluence, like this:
// If the current user is anonymous, pass it through (CONF-5219) if (remoteUser == null) { gateKeeper.allowAnonymousAccess(downloadPath); } else { gateKeeper.addKey(downloadPath, remoteUser.getName()); }